Product Assessment
When an organization considers adding a new application to its infrastructure or replace an existing one, or rolling out a new in-house developed product into the commercial market, there are a plethora of security-related concerns to consider apart from just whether or not the application provides the needed functionality.
Security is relative. There is no generic set of functions and features a system must have in order to be secure. But some basic questions that need to be answered before investing in a product are:
- How well has the vendor historically handled security reports?
- Which interfaces in the application are most sensitive from a security standpoint?
- What are the likely attack vectors from using this application?
- What is the security state of the product?
- How effective and efficient is the vendor at addressing known vulnerabilities?
The Product Assessment Service from CyberShelter can answer all those questions and more for you before you implement a new third-party product or launch an in-house developed application or if you want an analysis of an existing product on your network.
-
How our assessment works?
Our security evaluation starts with a thorough requirements analysis. What needs to be protected, against whom and what? This adds an extra layer of comprehensiveness to the assessment rather than just producing a list of bugs. Our experienced team of vulnerability analysts who have extensive experience in dealing with vendors, product security, and vulnerabilities, as part of their vulnerability database work, will perform an extensive analysis and report not just on the historic problems with a given application, but also the vendor’s capabilities at dealing with vulnerabilities that are discovered in their products. If it is a new application developed by your enterprise, our analysis will include a detailed report on potential risks that the application may encounter in the future. Reports on the overall security level of the product tested and the list of observations, tests, and test results are documented in such a way that your developers will be able to reproduce it.
CyberShelter has in-depth experience in researching vulnerabilities in products from most major software vendors including Microsoft, Adobe, Novell, HP, IBM, Google, Honeywell, Blue Coat, and many more.
Don’t add a product to your infrastructure before you know that it won’t compromise your security. Don’t launch your product before recognizing and resolving existing security flaws or documenting potential vulnerabilities. Get all your questions answered with CyberShelter’s Product Assessment Service.